【摘要】：隨著計算機時代和信息化時代的高速發(fā)展,網(wǎng)絡(luò)技術(shù)憑借著信息實時性和傳輸高速性等優(yōu)勢與工業(yè)系統(tǒng)控制和智能化家電等技術(shù)的結(jié)合日趨緊密,網(wǎng)絡(luò)時代為嵌入式系統(tǒng)的發(fā)展帶來了全新的機遇和巨大的挑戰(zhàn)。黑客可以通過破解用戶密碼或者使用木馬攻擊等方式在一個對傳輸?shù)臄?shù)據(jù)不做任何加密處理的網(wǎng)絡(luò)文件傳輸系統(tǒng)中竊取用戶的重要信息,這樣的網(wǎng)絡(luò)文件傳輸系統(tǒng)對數(shù)據(jù)的保密性極低,無法保障文件傳輸?shù)陌踩�。對嵌入式環(huán)境下網(wǎng)絡(luò)文件傳輸系統(tǒng)的安全性研究必須盡早提上日程,這不僅僅是國防安全的需要,也是商業(yè)、工業(yè)和個人信息安全的迫切需要。本課題在分析眾多嵌入式操作系統(tǒng)的種類和架構(gòu)的基礎(chǔ)上,挑選出最適合系統(tǒng)開發(fā)的Linux操作系統(tǒng)。選擇OK6410開發(fā)板作為硬件開發(fā)平臺,設(shè)計了系統(tǒng)的軟件架構(gòu)、功能框架以及系統(tǒng)基本工作流程。使用交叉開發(fā)工具鏈arm-linux-gcc構(gòu)建了系統(tǒng)的交叉開發(fā)環(huán)境。本論文從系統(tǒng)軟件需求角度展開,重點研究了以下幾部分內(nèi)容:(1)Linux操作系統(tǒng)移植。配置了U-Boot并將U-Boot移植到OK6410開發(fā)板中。采用基于文本模式的菜單型配置方法編譯了內(nèi)核;將內(nèi)核映像文件移植到開發(fā)板中;使用Busybox配置工具構(gòu)建了根文件系統(tǒng),并將最小根文件系統(tǒng)采用NFS方式掛載到系統(tǒng)內(nèi)核中。(2)基于OpenSSL加密傳輸協(xié)議設(shè)計。分別基于TCP網(wǎng)絡(luò)通信協(xié)議設(shè)計了客戶端和服務(wù)器端的通信模型,實現(xiàn)了客戶端和服務(wù)器端的文件互傳。在客戶端和服務(wù)器端通信模型的基礎(chǔ)上,加入了基于OpenSSL的加密傳輸協(xié)議,保障系統(tǒng)文件傳輸?shù)陌踩浴?3)線程池優(yōu)化與MD5碼設(shè)計。在服務(wù)器端設(shè)計了線程池優(yōu)化技術(shù),設(shè)置了五個線程處理客戶端的連接請求,提高了系統(tǒng)的資源利用率。設(shè)計了賬號密碼驗證功能,用戶密碼驗證成功后才可以使用客戶端的有效功能。加入MD5碼的設(shè)計,通過重復(fù)下載server文件驗證了系統(tǒng)文件的秒傳功能。本課題對客戶端和服務(wù)器端的功能測試結(jié)果表明,本系統(tǒng)的基本功能已經(jīng)完善。線程池中5個線程的工作優(yōu)化了系統(tǒng)的資源利用率,通過多次下載server文件驗證了系統(tǒng)文件秒傳功能的有效性。
[Abstract]:With the rapid development of the computer era and the information age, the combination of network technology with industrial system control and intelligent household appliances is becoming more and more close by virtue of the advantages of real-time and high-speed transmission of information. Network era brings new opportunities and great challenges to the development of embedded system. Hackers can steal important user information in a network file transfer system that does not do any encryption of the transmitted data by cracking the user's password or using Trojan horse attacks. This kind of network file transfer system can not guarantee the security of file transfer because of its low data confidentiality. The research on the security of network file transfer system in embedded environment must be put on the agenda as soon as possible, which is not only the need of national defense security, but also the urgent need of commercial, industrial and personal information security. On the basis of analyzing the kinds and architectures of many embedded operating systems, this paper selects the most suitable Linux operating system for system development. The OK6410 development board is selected as the hardware development platform, and the software architecture, functional framework and basic workflow of the system are designed. The cross-development environment is constructed by using cross-development tool chain (arm-linux-gcc). This thesis focuses on the following parts from the point of view of system software requirements: (1) porting Linux operating system. U-Boot is configured and U-Boot is ported to the OK6410 development board. The kernel is compiled by the menu configuration method based on text mode, and the kernel image file is transplanted to the development board. The root file system is constructed by using Busybox configuration tool, and the smallest root file system is mounted to the kernel of the system by NFS. (2) Design of encryption transfer protocol based on OpenSSL. The communication models of client and server are designed based on TCP network communication protocol, and the file transfer between client and server is realized. On the basis of the communication model between the client and the server, the encryption transfer protocol based on OpenSSL is added to ensure the security of file transfer in the system. (3) Thread pool optimization and MD5 code design. The thread pool optimization technology is designed on the server side, and five threads are set up to handle the connection request of the client, which improves the resource utilization of the system. The account password verification function is designed, and the effective function of the client can only be used after the user password verification is successful. Add the design of MD5 code, and verify the function of second transmission of system files by downloading server file repeatedly. The test results of client and server show that the basic function of the system has been improved. The work of five threads in the thread pool optimizes the resource utilization of the system, and the effectiveness of the second transmission function of the system file is verified by downloading the server files several times.
【學(xué)位授予單位】：電子科技大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2017
【分類號】：TP316.81;TP393.0

【參考文獻】

相關(guān)期刊論文 前10條

1 彭玉峰;趙越;張淑麗;金龍;林思宏;;基于ARM11的嵌入式Linux NAND FLASH模擬U盤掛載分析與實現(xiàn)[J];現(xiàn)代電子技術(shù);2012年16期

2 陳蘭香;;一種基于同態(tài)Hash的數(shù)據(jù)持有性證明方法[J];電子與信息學(xué)報;2011年09期

3 孫維國;李浩然;;MD5算法在數(shù)據(jù)安全中的應(yīng)用及安全性分析[J];微計算機應(yīng)用;2010年10期

4 李宗海;陳蜀宇;李海偉;;嵌入式Linux系統(tǒng)在ARM平臺上的構(gòu)建[J];計算機系統(tǒng)應(yīng)用;2010年10期

5 韋峰;盧再奇;劉偉;;YAFFS2在嵌入式系統(tǒng)中的實現(xiàn)[J];現(xiàn)代電子技術(shù);2010年08期

6 唐浩波;方兵;侯克斌;周建斌;;基于ARM的安全文件傳輸系統(tǒng)設(shè)計[J];中國科技信息;2010年04期

7 袁磊;朱怡安;蘭婧;;嵌入式系統(tǒng)BootLoader設(shè)計與實現(xiàn)[J];計算機測量與控制;2009年02期

8 劉松;鐘子發(fā);;基于對等模式的Socket網(wǎng)絡(luò)通信[J];微處理機;2008年05期

9 龐啟寧;;一種基于注冊碼的軟件加密算法[J];通信與廣播電視;2008年02期

10 胡維;張方櫻;;構(gòu)建嵌入式Linux的根文件系統(tǒng)的busybox方法[J];廣州大學(xué)學(xué)報(自然科學(xué)版);2008年03期

相關(guān)碩士學(xué)位論文 前1條

1 楊超;Linux多協(xié)議多線程下載技術(shù)的研究與實現(xiàn)[D];大連海事大學(xué);2011年

，

本文編號：2301760